Closed
Bug 436043
Opened 16 years ago
Closed 15 years ago
time errors (certErrorExpired and certErrorNotYetValid) should indicate "now"
Categories
(Core Graveyard :: Security: UI, enhancement)
Tracking
(Not tracked)
RESOLVED
FIXED
mozilla1.9.3a1
People
(Reporter: timeless, Assigned: timeless)
References
()
Details
(Keywords: late-l10n)
Attachments
(1 file, 2 obsolete files)
4.02 KB,
patch
|
KaiE
:
review+
|
Details | Diff | Splinter Review |
i distinctly remember working to implement something like this for maemo, specifically we had a certificate viewer which would indicate that a certificate was expired, just like this content (sadly it wasn't nss related), but there's a general rule of thumb: if you're going to tell a user that there's something wrong with a time, you need to tell the user the current time, otherwise the user will unfortunately assume your math is bad (in the case we hit, the math actually *was* bad, but...). users may trust browsers, but they also naively trust their system clock more than their browser, so unless the browser highlights that perhaps the system clock is wrong, users draw unfortunate conclusions. Note: it isn't OK to get the time a second time, as the system can be jumping w/ ntpdate / similar network time syncs / domain time syncs, or the user futzing with the clock before/after the single call. local variables shouldn't begin with the 'a' prefix, and comptrs are our friends....
Assignee: nobody → kaie
Component: Libraries → Security: UI
Product: NSS → Core
QA Contact: libraries → ui
Version: trunk → Trunk
Attachment #322754 -
Flags: review?(kaie)
if there's a string freeze that worries people. i'm fine w/ just landing the changes to mozilla/security/manager/ssl/src/nsNSSIOLayer.cpp and leaving the other bit out. that'd enable downstreams (like a microb) to integrate the change w/ their localizations. ideally there'd be some way to add the change to locales as they're ready/able instead of permanently freezing the en-us string.
The error message on the current page is: Secure Connection Failed xxx.xxxx.com uses an invalid security certificate. The certificate will not be valid until 19-6-2008 2:00. (Error code: sec_error_expired_certificate) * This could be a problem with the server's configuration, or it could be someone trying to impersonate the server. * If you have connected to this server successfully in the past, the error may be temporary, and you can try again later. Beside the patch above(not tested byme), it should add a suggestion to check the local date time.
Comment 3•16 years ago
|
||
Could you please use numbered string wildcards, I think it's something like %S$1 When localizing, the order of those entities might change. Please also add a one-line comment for localizers that mentions which ID means what.
Comment 4•16 years ago
|
||
Comment on attachment 322754 [details] [diff] [review] show the current time in addition to the unacceptable time r- for multiple use of %S in a single string, but remainder looks good, and you get r+ if you fix this issue.
Attachment #322754 -
Flags: review?(kaie) → review-
Assignee: kaie → timeless
Attachment #322754 -
Attachment is obsolete: true
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Attachment #354857 -
Flags: review?(kaie)
Comment 6•15 years ago
|
||
Thanks for the updated patch, and I agree with your change, thanks a lot. However, I have to apologize and want to ask for one more change. When you make such a change, you must use updated string identifiers, and of course change the code that uses them. :-/ (Unless Pike thinks changing the ID is not necessary)
Comment 7•15 years ago
|
||
Also, please indicate that you have tested the patch.
Attachment #354857 -
Attachment is obsolete: true
Attachment #356484 -
Flags: review?(kaie)
Attachment #354857 -
Flags: review?(kaie)
Comment 9•15 years ago
|
||
Comment on attachment 356484 [details] [diff] [review] renamed Thanks, r=kaie
Attachment #356484 -
Flags: review?(kaie) → review+
Updated•15 years ago
|
Keywords: checkin-needed
Comment 10•15 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/b4b43727e6a5
Status: ASSIGNED → RESOLVED
Closed: 15 years ago
Keywords: checkin-needed
Resolution: --- → FIXED
Target Milestone: --- → mozilla1.9.3a1
Comment 11•15 years ago
|
||
Comment on attachment 356484 [details] [diff] [review] renamed We're working on mobile devices which generally have an incorrect notion of the time. As a result the current error message in 1.9.2, which doesn't include this fix, results in users blaming the browser instead of recognising that the system is at fault. We'd appreciate it if this patch could be approved for the 1.9.2 branch. We're aware that this introduces new strings. It's currently available in 18 translations: http://mxr.mozilla.org/l10n-central/search?string=certErrorExpiredNow&find=properties http://mxr.mozilla.org/l10n-central/search?string=certErrorNotYetValidNow&find=properties
Attachment #356484 -
Flags: approval1.9.2?
Comment 12•15 years ago
|
||
I'm not sure that the message improves the situation significantly enough to warrant landing this on 1.9.2 still.
Updated•15 years ago
|
Attachment #356484 -
Flags: approval1.9.2?
Comment 13•15 years ago
|
||
Comment on attachment 356484 [details] [diff] [review] renamed We can't take string changes on 1.9.2 now.
Updated•8 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•